True. It also mandates everything be encrypted across the wire which means disabling/blocking TCP5060 (disable on server, block as 2ndary defense measure on firewalls) and only allowing TCP5061/2 through. IIRC,
On Thu, Dec 27, 2012 at 5:36 PM, Steven Peck <[email protected]> wrote: > HIPPA actually depends. It doesn't flat say you need to log > conversations. It's more nuanced than that and you need to make sure your > privacy policy and how you deal with PHI is handled. > > HIPPA is a lot about defining policy and processes more then anything. > The technology is merely there to support your policies and processes. :) > > We have Lync internally and do not archive globally. We have the > capability to do it set up and during 'investigations' enable it on some > people. Also, management is discussing allowing some people access to > Internets IM through it. If they do there will be two steps before your > account is enabled, one sign the PHI doc regarding IM and you will have > your account archived. > > Steven Peck > http://www.blkmtn.org > > > > On Thu, Dec 27, 2012 at 7:03 AM, Patrick Salmon <[email protected]> wrote: > >> IIRC, Lync archives conversations only. Any files sent through during the >> course of a conversation are not archived. May be wrong - that was >> certainly a hole in OCS's design which may well have been plugged. >> >> On Thu, Dec 27, 2012 at 9:54 AM, Ziots, Edward <[email protected]>wrote: >> >>> Any information can be passed along the file transfer or even the text >>> chat that could be related to patient care, therefore auditing and logging >>> would need to be turned on.**** >>> >>> ** ** >>> >>> Again I side with if you don’t need it for business reasons, then it >>> shouldn’t be on the network. **** >>> >>> ** ** >>> >>> Z**** >>> >>> ** ** >>> >>> Edward E. Ziots, CISSP, Security +, Network +**** >>> >>> Security Engineer**** >>> >>> Lifespan Organization**** >>> >>> [email protected]**** >>> >>> ** ** >>> >>> *From:* Chinnery, Paul [mailto:[email protected]] >>> *Sent:* Thursday, December 27, 2012 9:03 AM >>> >>> *To:* NT System Admin Issues >>> *Subject:* RE: Instant Messaging**** >>> >>> ** ** >>> >>> HIPAA**** >>> >>> ** ** >>> >>> Got ya, Don. :)**** >>> >>> ** ** >>> >>> Back to the subject, though, I'm not sure if logging is necessary if the >>> information is not related to patient care.**** >>> >>> ** ** >>> >>> *From:* Guyer, Don [mailto:[email protected] <[email protected]>] >>> *Sent:* Thursday, December 27, 2012 8:58 AM >>> *To:* NT System Admin Issues >>> *Subject:* RE: Instant Messaging**** >>> >>> ** ** >>> >>> HIPPA, for one.**** >>> >>> ** ** >>> >>> Regards,**** >>> >>> * * >>> >>> *Don Guyer** >>> **Catholic Health East - Information Technology***** >>> >>> Enterprise Directory & Messaging Services >>> 3805 West Chester Pike, Suite 100, Newtown Square, Pa 19073**** >>> >>> email: *[email protected]***** >>> >>> Office: 610.550.3595 | Cell: 610.955.6528 | Fax: 610.271.9440**** >>> >>> *For immediate assistance, please open a Service Desk ticket or call >>> the helpdesk @ 610-492-3839.* >>> >>> [image: Description: Description: Description: InfoService-Logo240]**** >>> >>> ** ** >>> >>> *From:* joseph palmieri [mailto:[email protected] <[email protected]>] >>> >>> *Sent:* Thursday, December 27, 2012 8:54 AM >>> *To:* NT System Admin Issues >>> *Subject:* Instant Messaging**** >>> >>> ** ** >>> >>> Not sure if this is the issue should be posted here if not maybe you >>> could point me in the right direction**** >>> >>> Are there any federal regulations or compliance laws regarding instant >>> messaging e.g.( does logging need to maintained and monitored) **** >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> >>> --- >>> To manage subscriptions click here: >>> http://lyris.sunbelt-software.com/read/my_forums/ >>> or send an email to [email protected] >>> with the body: unsubscribe ntsysadmin**** >>> >>> Confidentiality Notice: >>> This e-mail, including any attachments is the >>> property of Catholic Health East and is intended >>> for the sole use of the intended recipient(s). >>> It may contain information that is privileged and >>> confidential. Any unauthorized review, use, >>> disclosure, or distribution is prohibited. If you are >>> not the intended recipient, please delete this message, and >>> reply to the sender regarding the error in a separate email. **** >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> >>> --- >>> To manage subscriptions click here: >>> http://lyris.sunbelt-software.com/read/my_forums/ >>> or send an email to [email protected] >>> with the body: unsubscribe ntsysadmin**** >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> >>> --- >>> To manage subscriptions click here: >>> http://lyris.sunbelt-software.com/read/my_forums/ >>> or send an email to [email protected] >>> with the body: unsubscribe ntsysadmin**** >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> >>> --- >>> To manage subscriptions click here: >>> http://lyris.sunbelt-software.com/read/my_forums/ >>> or send an email to [email protected] >>> with the body: unsubscribe ntsysadmin >>> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
<<image001.jpg>>
